Lucene search
+L

1366 matches found

Github Security Blog
Github Security Blog
added 2026/03/05 9:43 p.m.9 views

Plane has SSRF via Incomplete IP Validation in Webhook URL Serializer

Summary The webhook URL validation in plane/app/serializers/webhook.py only checks ip.isloopback, allowing attackers with workspace ADMIN role to create webhooks pointing to private/internal network addresses 10.x.x.x, 172.16.x.x, 192.168.x.x, 169.254.169.254, etc.. When webhook events fire, the...

8.5CVSS5.9AI score0.00284EPSS
Exploits0References4Affected Software1
Snyk
Snyk
added 2026/03/03 5:59 p.m.6 views

Cross-site Scripting (XSS)

Overview wagtail is an open source content management system built on Django. Affected versions of this package are vulnerable to Cross-site Scripting XSS in the wagtail.contrib.simpletranslation module. A user with access to the admin area can execute arbitrary JavaScript code in the context of...

8.4CVSS5.7AI score0.00459EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/03 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-21725

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A time-of-create-to-time-of-use TOCTOU vulnerability lets recently deleted-then-recreated data sources be re-deleted without permission to do so. This requires...

2.6CVSS6AI score0.00175EPSS
Exploits0References3
NVD
NVD
added 2026/02/26 2:16 a.m.11 views

CVE-2026-27899

WireGuard Portal or wg-portal is a web-based configuration portal for WireGuard server management. Prior to version 2.1.3, any authenticated non-admin user can become a full administrator by sending a single PUT request to their own user profile endpoint with "IsAdmin": true in the JSON body. Aft...

8.8CVSS0.00306EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/20 1:25 p.m.6 views

CVE-2025-12107

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

8.4CVSS6.3AI score0.00618EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 10:16 a.m.6 views

CVE-2025-12107

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

8.4CVSS0.00618EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/19 10:4 a.m.4 views

CVE-2025-12107 Potential authenticated Server-Side Template Injection (SSTI) vulnerability.

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

8.4CVSS6.4AI score0.00618EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 10:4 a.m.5 views

CVE-2025-12107

Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and...

10CVSS6.4AI score0.00618EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.6 views

PT-2026-20796

Name of the Vulnerable Software and Affected Versions versions prior to Feb. 19, 2026 Description The software uses a vulnerable third-party Velocity template engine, allowing a malicious actor with admin privilege to inject and execute arbitrary template syntax within server-side templates...

10CVSS6AI score0.00618EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/02/12 6:0 a.m.6 views

CVE-2025-14892 Prime Listing Manager <= 1.1 - Unauthenticated Privilege Escalation

The Prime Listing Manager WordPress plugin through 1.1 allows an attacker to gain administrative access without having any kind of account on the targeted site and perform unauthorized actions due to a hardcoded secret...

5.4AI score0.00366EPSS
Exploits0References1
OSV
OSV
added 2026/02/10 8:16 p.m.7 views

UBUNTU-CVE-2025-29952

Improper Initialization within the AMD Secure Encrypted Virtualization SEV firmware can allow an admin privileged attacker to corrupt RMP covered memory, potentially resulting in loss of guest memory integrity...

5.9CVSS5.8AI score0.00143EPSS
Exploits0References3
OSV
OSV
added 2026/02/10 4:16 a.m.8 views

CVE-2026-24312

An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data...

5.2CVSS5.8AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/09 9:7 p.m.36 views

CVE-2026-25875 PlaciPy Admin Privilege Escalation via Trusted JWT Claims

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorization middleware trusts client-controlled JWT claims role and scope without enforcing server-side role verification...

9.3CVSS0.00288EPSS
Exploits0References1
CVE
CVE
added 2026/02/09 9:7 p.m.25 views

CVE-2026-25875

PlaciPy 1.0.0 is affected by CVE-2026-25875 where the admin authorization middleware trusts client-controlled JWT claims (role and scope) without server-side verification. This can enable privilege escalation or unauthorized admin-level actions by an attacker presenting manipulated JWTs. The CVSS...

9.8CVSS5.4AI score0.00288EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2026/02/09 9:7 p.m.7 views

CVE-2026-25875 PlaciPy Admin Privilege Escalation via Trusted JWT Claims

PlaciPy is a placement management system designed for educational institutions. In version 1.0.0, The admin authorization middleware trusts client-controlled JWT claims role and scope without enforcing server-side role verification...

9.3CVSS5.5AI score0.00288EPSS
Exploits0References3
Snyk
Snyk
added 2026/02/06 6:52 p.m.6 views

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the SettingsGitHooksEdit function, accessible via the name parameter to the /username/reponame/settings/hooks/git endpoint. An admin user with AllowGitHook privilege can read and write arbitrary files on the serve...

8.5CVSS6.5AI score0.00456EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/05 1:55 a.m.4 views

CVE-2025-11730

A post‑authentication command injection vulnerability in the Dynamic DNS DDNS configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50W series firmware versions from V5.35 through V5.41, and...

7.2CVSS5.6AI score0.01354EPSS
Exploits0References1
CVE
CVE
added 2026/02/05 12:0 a.m.15 views

CVE-2025-68723

Axigen Mail Server before 10.5.57 contains multiple stored XSS in the WebAdmin interface. The three vulnerable areas are: (1) log file name parameter on the Local Services Log page, (2) certificate file content in the SSL Certificates View Usage feature, and (3) the Certificate File name paramete...

9CVSS5.5AI score0.00261EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/02/03 6:10 p.m.28 views

CVE-2026-25522 Craft Commerce has Stored XSS in Shipping Zone (Name & Description) Fields Leading to Potential Privilege Escalation

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Zone Name & Descriptio...

6.1CVSS0.00261EPSS
Exploits1References4
OSV
OSV
added 2026/02/03 6:10 p.m.7 views

CVE-2026-25522 Craft Commerce has Stored XSS in Shipping Zone (Name & Description) Fields Leading to Potential Privilege Escalation

Craft Commerce is an ecommerce platform for Craft CMS. In versions from 4.0.0-RC1 to 4.10.0 and from 5.0.0 to 5.5.1, a stored XSS vulnerability in Craft Commerce allows attackers to execute malicious JavaScript in an administrator’s browser. This occurs because the Shipping Zone Name & Descriptio...

6.1CVSS5.5AI score0.00261EPSS
Exploits1References6
Rows per page
Query Builder